The global telecom industry is racing towards smarter networks, faster connections and seamless satellite integration. But cybercriminals are not being left behind. As operators close the books on 2025, cybersecurity experts are warning that the threats shaping the sector last year are colliding with new technological risks that could amplify their impact.
According to the latest findings from Kaspersky’s Security Bulletin, the telecommunications sector is entering a phase where old attack methods meet emerging infrastructure.
The Same Threats, Higher Stakes
In 2025, telecom operators continued to face sustained pressure from advanced persistent threats (APTs), supply chain vulnerabilities, distributed denial-of-service (DDoS) attacks and SIM-enabled fraud. These were not isolated incidents, but recurring patterns that exploited the industry’s scale, interconnectivity and dependence on multiple vendors.
Kaspersky Security Network data shows that between November 2024 and October 2025, nearly 13 percent of users in the telecommunications sector encountered web-based threats. Meanwhile, more than 20 percent were exposed to on-device threats. Globally, close to 10 percent of telecom organisations were affected by ransomware during the same period.
What makes these figures more concerning is not just their volume, but their persistence. APT groups, in particular, continue to target telecom infrastructure for long-term access, espionage and strategic leverage, using compromised network positions as silent footholds.
Supply Chains Remain A Soft Target
Telecommunications ecosystems rely on an extensive web of software providers, contractors and technology partners. While this enables rapid innovation, it also expands the attack surface.
Supply chain compromises remain a favoured entry point for attackers, allowing them to exploit weaknesses in widely deployed platforms or trusted third-party services. Once inside, threat actors can move laterally across networks that were never designed to be breached from within.
For operators, this means that cybersecurity is no longer confined to internal systems. It extends to every vendor relationship and integration point.
DDoS Is No Longer Just An IT Problem
DDoS attacks continue to disrupt telecom services, but Kaspersky’s research frames them less as isolated security incidents and more as a capacity and availability challenge.
Modern DDoS campaigns can overwhelm edge routing, degrade service quality and trigger customer-facing outages before traditional security alerts are raised. Without proactive monitoring and upstream mitigation, congestion signals often appear only when user experience is already affected.
As networks grow more complex, the operational cost of downtime is rising just as fast as the technical one.
New Technologies, New Operational Risks
While legacy threats persist, 2026 introduces a new layer of risk tied to technology transitions. Kaspersky highlights three areas where uneven or rushed deployment could create vulnerabilities.
AI-assisted network management promises efficiency, but automation can amplify configuration errors or act on manipulated data at scale if human oversight is removed. Post-quantum cryptography transitions, meanwhile, risk interoperability and performance issues if hybrid models are deployed without sufficient testing. The integration of 5G networks with satellite services further expands service footprints, introducing new partners, dependencies and potential failure points.
As Kaspersky researcher Leonid Bezvershenko notes, the challenge for operators is no longer choosing between innovation and security, but ensuring both advance together.
Why 2026 Will Be A Defining Year For Telecom Security
The telecommunications sector is shifting from experimentation to full-scale implementation of next-generation technologies. This transition marks a critical moment: security decisions made now will shape network resilience for years to come.
Kaspersky’s recommendations point towards a more integrated approach. That is through combining continuous threat intelligence, staged technology rollouts, human oversight in automation, and advanced detection and response capabilities.
For telecom operators, the message is clear. The threats of 2025 have not disappeared; they have evolved. And in 2026, resilience will depend on how well organisations secure not just their networks, but the technologies redefining them.
